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IN THE CLAIMS 

Please amend the claims as indicated in the following listing of claims, which replaces all 
previous listings. 

1. (Currently Amended) An apparatus for selecting the optimum location of a 
network service based on a user's geographical location and the configuration of the apparatus by 
transparently altering Domain Name Service ( DNS) messages, the apparatus comprising: 

a network node with at least two network interfaces, and 

a processor that captures [[capturing]] data packets through the network interfaces, 
[[analyzing]] analyzes captured packets, [[determining]] determines the user's geo-location, and 
[[modifying]] modifies DNS packets according to the user's geo-location to direct the user to the 
optimum server within the network service . 

2. (Currently Amended) The apparatus as described in of claim 1, wherein the 
optimum location is the geographically [[the]] closest one. 

3. (Currently Amended) The apparatus as described in of claim 1, wherein the 
optimum location is that of the geographically [[the]] closest server^ which has been determined 
to be healthy and actively serving [[users]] users' requests. 
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4. (Currently Amended) The apparatus as d e scribed in of claim 3, wherein [[the]] a 
healthy server is the one generating timely and correct responses to user requests. 

5. (Currently Amended) The apparatus as described in of claim 3, wherein the 
optimum location is the preferred location based on specific criteria chosen by [[the]] a service 
administrator. 

6. (Currently Amended) The apparatus as described in of claim 1 , wherein the 
location of a network service is one of the locations of many mirrored servers that are connected 
via a network. 

7. (Currently Amended) The apparatus as described in of claim 1, wherein [[a]] the 
network service is an Internet network service. 

8. (Currently Amended) The apparatus as described in of claim 1, wherein [[a]] the 
network service is an enterprise network service. 



9. (Currently Amended) The apparatus as described in of claim 1 , wherein the 
configuration of the apparatus is a set of rules to control the optimum server selection process. 
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1 0. (Currently Amended) The apparatus as d e scribed in of claim 1 , wherein 
transparently altering DNS messages is performed to capture and to modify the content of the 
DNS messages by operating at the Open System Interconnection ( OSD model's second layer a 
which is transparent to Internet Protocol (IP) users. 

1 1 . (Currently Amended) The apparatus as described in of claim 1 , wherein the 
network node is a device apparatus is attached to networks via said at least two network 
interfaces. 

12. (Currently Amended) The apparatus as described in of claim 1 , wherein the 
network node apparatus captures every packet detected on any of [[it]] its interfaces. 

1 3 . (Currently Amended) The apparatus as described in of claim 1 , wherein the 
network node apparatus analyzes the captured packets to determine network addresses, protocol 
port numbers, protocol message types, [[and]] specific protocol fields , or a combination of these . 

14. (Currently Amended) The apparatus as described in of claim 1, wherein the 
network node a pparatus comprises a previously built database, and wherein the apparatus 
determines the source IP address of the captured DNS message and consults its previously built 
database to determine the geographical location of the user that has sent the DNS message. 



Attorney Docket No. PAX-110 
Application No. 10/065,529 
Customer No. 59,241 

15. (Currently Amended) The apparatus as described in of claim 1 , wherein the 
network node apparatus modifies the captured DNS messages according to the geo-location of 
the [[DNS]] use r, and informs the user of lu infuuii the user with the IP address of the optimum 

server. 

1 6. (Currently Amended) The apparatus as described in of claim 1 , wherein the 
network node apparatus forwards every packet , which that is not a DNS message[[,]] to the other 
another interface. 

1 7. (Currently Amended) A method for selecting the optimum location of a network 
service based on a user's geographical location and the configuration of the method by 
transparently altering DNS messages, the method comprising: 

capturing data packets, 
analyzing captured packets, 
determining the user's geo-location, and 

modifying DNS packets according to the user's geo-location to direct the user to the 
optimum server. 

1 8. (Currently Amended) The method as described in of claim 1 7, wherein the 
optimum location is the geographically [[the]] closest one. 
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1 9. (Currently Amended) The method as described in of claim 1 7, wherein the 
optimum location is that of the geographically [[the]] closest server^ which has been determined 
to be healthy and actively serving [[users]] users 1 requests. 

20. (Currently Amended) The method as described in of claim 19, wherein [[the]] a 
healthy server is the one generating timely and correct responses to user requests. 

2 1 . (Currently Amended) The method as described in of claim 1 7, wherein the 
optimum location is the preferred location for some users based on some criteria chosen by 
[[the]] a service administrator. 

22. (Currently Amended) The method as described in of claim 1 7, wherein the 
location of a network service is one of the locations of many mirrored servers that are connected 
via a network. 

23. (Currently Amended) The method as described in of claim 17, wherein [[a]] the 
network service is an Internet network service. 

24. (Currently Amended) The method as described in of claim 17, wherein [[a]] the 
network service is an enterprise network service. 
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25 . (Currently Amended) The method as d e scribed in of claim 1 7, wherein the 
configuration of the method is a set of rules to control the optimum server selection process. 

26. (Currently Amended) The method as described in of claim 1 7, wherein 
transparently altering DNS messages is performed to capture and to modify the content of the 
DNS messages by operating at the OSI model's second layer^ which is transparent to Internet 
Protocol (IP) users. 

27. (Currently Amended) The method as described in of claim 1 7, wherein the 
method analyzes the captured packets to determine network addresses, protocol port numbers, 
protocol message types, [[and]] specific protocol field s, or a combination of these . 

28. (Currently Amended) The method as described in of claim 1 7, further comprising 
building a database, and wherein the method determines the source IP address of the captured 
DNS message and consults its previously built database to determine the geographical location of 
the user that has sent the DNS message. 

29. (Currently Amended) The method as described in of claim 1 7, wherein the 
method modifies the captured DNS messages according to the geo-location of the [[DNS]] user A 
and informs the user of to inform the user with the IP address of the optimum server. 
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30. (Currently Amended) The method as dcsuibcd in of claim 1 7, wherein the 
method forwards every packet[[, which]] that is not a DNS message. 

3 1 . (New) A system for selecting the geographically closest server to a user 
requesting a service from a network, said system comprising: 

at least two servers at geographically different locations in the network; 
at least one DNS server; and 

at least one hardware appliance comprising a database of IP addresses and the respective 
geographical locations associated with those IP addresses; 
wherein the hardware appliance: 

analyzes all DNS requests directed to a particular DNS server, 

determines the geographically closest server providing the service requested by 

the user, and 

provides the user the IP address of the geographically closest server that provides 
the requested service, 

wherein the hardware appliance provides the IP address of the closest 
server by modifying the DNS request from the user and modifying the DNS response from the 
server, 

and wherein the hardware appliance is located between the particular DNS server and the 
network backbone. 
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32. (New) The system of claim 31, wherein the hardware appliance determines the 
geographically closest server by consulting the database. 

33. (New) The system of claim 31, wherein the hardware appliance: 

modifies a general DNS request for a server providing a desired service by re-writing the 
request to request a specific geographically located server that provides the desired service, and 
modifies the DNS response to match the original general DNS request. 

34. (New) The system of claim 31, wherein the hardware appliance is located 
between a DNS server and a network backbone. 

35. (New) The system of claim 31, comprising multiple hardware appliances. 

36. (New) The system of claim 31, wherein each DNS server has associated with it a 
hardware appliance. 

37. (New) A method of altering the DNS request of a user at a specific geographical 
location who is requesting a service from a network, said method comprising: 

identifying the geographical location of a server serving the user; and 
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modifying the DNS request to request an IP address of a server that provides the 
requested service, and that is located at an optimal geographic location as compared to the user. 

38. (New) The method of claim 37, further comprising: 
modifying a DNS response to match the original DNS request. 

39. (New) A method of modifying a DNS response from a DNS server, said method 
comprising: 

receiving from a DNS server a response comprising an EP address for a specific server at 
a specific geo-location; 

correlating that IP address with a general request from a user for the IP address of a server 
providing the requested service; and 

modifying the DNS server response to match the general request. 

40. (New) The method of claim 39, further comprising, prior to receiving a DNS 
response from a DNS server: 

receiving a DNS request from a user; 

determining the geo-location of the user by determining the geo-location of the server 
used by the user; and 
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altering the DNS request from the user from a general request for an IP address of a 
server providing a desired service to a specific request for a server at a specific location. 

41. (New) The method of claim 39, further comprising: 
providing a hardware appliance that performs the recited steps. 
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